December, 2022

article thumbnail

The Top 23 Security Predictions for 2023 (Part 1)

Lohrman on Security

After a year full of data breaches, ransomware attacks and real-world cyber impacts stemming from Russia’s invasion of Ukraine, what’s next? Here’s part 1 of your annual roundup of security industry forecasts for 2023 and beyond

article thumbnail

Cybersecurity for Seniors: Easy and Practical Advice – A Free Webinar With Joseph Steinberg, Author of Cybersecurity For Dummies

Joseph Steinberg

Don’t open attachments. Change your password often. Don’t click on any links sent in emails or text messages. We have all received plenty of advice on how to avoid being harmed by cyber-attacks, but staying safe can often be confusing, complicated, or impractical.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

FBI’s Vetted Info Sharing Network ‘InfraGard’ Hacked

Krebs on Security

InfraGard , a program run by the U.S.

Hacking 283
article thumbnail

2022 Cyber Review: The Year the Ukraine War Shocked the World

Lohrman on Security

This past year will be remembered as another year of ransomware attacks, data breaches impacting critical infrastructure and, most of all, global cybersecurity impacts from the Russian war with Ukraine

article thumbnail

Successful Change Management with Enterprise Risk Management

Speaker: William Hord, Vice President of ERM Services

Join us as we discuss the various tangents of data and the change management process that will help you make better risk-based business decisions to save time and money for your organization.

article thumbnail

Leaked Signing Keys Are Being Used to Sign Malware

Schneier on Security

A bunch of Android OEM signing keys have been leaked or stolen, and they are actively being used to sign malware.

Malware 250
article thumbnail

My Philosophy and Recommendations Around the LastPass Breaches

Daniel Miessler

If you follow Information Security at all you are surely aware of the LastPass breach situation. It started back in August of 2022 as a fairly common breach notification on a blog, but it, unfortunately, turned into more of a blog series.

Passwords 280

More Trending

article thumbnail

FBI’s Cyberthreat Information Sharing System Breached By Criminals – Entire User Database Believed Stolen

Joseph Steinberg

The FBI’s InfraGard program, which facilitates the sharing of information about cyberthreats and some physical threats between relevant, vetted parties throughout the public and private sector, has suffered a serious hacker breach.

article thumbnail

Six Charged in Mass Takedown of DDoS-for-Hire Sites

Krebs on Security

The U.S.

DDOS 234
article thumbnail

The Top 23 Security Predictions for 2023 (Part 2)

Lohrman on Security

After a year full of data breaches, ransomware attacks and real-world cyber impacts stemming from Russia’s invasion of Ukraine, what’s next? Here’s part 2 of your annual roundup of security industry forecasts for 2023 and beyond

article thumbnail

Recovering Smartphone Voice from the Accelerometer

Schneier on Security

Yet another smartphone side-channel attack: “ EarSpy: Spying Caller Speech and Identity through Tiny Vibrations of Smartphone Ear Speakers “: Abstract: Eavesdropping from the user’s smartphone is a well-known threat to the user’s safety and privacy.

article thumbnail

Cover Your SaaS: How to Overcome Security Challenges and Risks For Your Organization

Speaker: Ronald Eddings, Cybersecurity Expert and Podcaster

In this webinar, Ronald Eddings, Cybersecurity Expert, will outline the relationship between SaaS apps and IT & security teams, along with several actionable solutions to overcome the new difficulties facing your organization.

article thumbnail

Recognize the commonalities in ransomware attacks to avoid them

Tech Republic Security

Learn how your organization can use the MITRE ATT&CK framework to prevent data breaches, fines, and the loss of clients and customers induced by ransomware threats. The post Recognize the commonalities in ransomware attacks to avoid them appeared first on TechRepublic.

article thumbnail

Combined SOC Webinar Q&A: From EDR to ITDR and ASO … and ChatGPT

Anton on Security

In recent weeks, I did two fun webinars related to Security Operations, and there was a lot of fun Q&A. The questions below are sometimes slighting edited for clarity, typos, etc.

article thumbnail

SecureMySocial Issued 5th US Patent For Social Media Security Technology

Joseph Steinberg

I am happy (and proud) to announce that SecureMySocial, a cybersecurity company that I co-founded, has been issued its fifth United States patent for social media security.

Media 196
article thumbnail

Hacked Ring Cams Used to Record Swatting Victims

Krebs on Security

Photo: BrandonKleinPhoto / Shutterstock.com. Two U.S.

Hacking 226
article thumbnail

How Preparation and Strategy Can Be Used to Fight and Defeat Any Ransomware Attack

Speaker: Karl Camilleri, Cloud Services Product Manager at phoenixNAP

Through a detailed analysis of major attacks and their consequences, Karl Camilleri, Cloud Services Product Manager at phoenixNAP, will discuss the state of ransomware and future predictions, as well as provide best practices for attack prevention and recovery.

article thumbnail

Winning Teams Part 2: Learning from Sports and Cybersecurity

Lohrman on Security

What can we learn about leadership from looking back at talented teams from the past in areas ranging from sports to technology to cybersecurity to government

article thumbnail

CAPTCHA

Schneier on Security

This is an actual CAPTCHA I was shown when trying to log into PayPal. As an actual human and not a bot, I had no idea how to answer. Is this a joke? Seems not.) Is it a Magritte-like existential question? (It’s It’s not a bicycle. It’s a drawing of a bicycle.

article thumbnail

Apple unveils new iMessage, Apple ID and iCloud security for high-value targets

Tech Republic Security

Tech firm aims to strengthen security for users and meet modern cyber threat challenges with new cybersecurity technology and end-to-end cloud encryption. The post Apple unveils new iMessage, Apple ID and iCloud security for high-value targets appeared first on TechRepublic.

article thumbnail

GUEST ESSAY: Why ‘continuous pentesting’ is high among the trends set to accelerate in 2023

The Last Watchdog

There is much that can be gleaned from helping companies identify and manage their critical vulnerabilities 24X7. Related: The case for proactive pentests. Based on insights from our team of elite security researchers here at Bugcrowd, these are three trends gaining steam as 2022 comes to a close – trends that I expect to command much attention in 2023. Continuous pentesting.

article thumbnail

How to Avoid the Pain and Cost of PCI Compliance While Optimizing Payments

Speaker: P. Andrew Sjogren, Sr. Product Marketing Manager at Very Good Security, Matt Doka, Co-Founder and CTO of Fivestars, and Steve Andrews, President & CEO of the Western Bankers Association 

In this webinar, we have a great set of panelists who will take you through how Zero Data strategies can be used as part of a well-rounded compliance and security approach, and get you to market much sooner by also allowing for payment optimization. They’ll share how to grow your business faster and minimize costs for both security and compliance

article thumbnail

Weekly Update 328

Troy Hunt

We made it! That's 2022 done and dusted, and what a year it was, both professionally and personally.

article thumbnail

New Ransom Payment Schemes Target Executives, Telemedicine

Krebs on Security

Ransomware groups are constantly devising new methods for infecting victims and convincing them to pay up, but a couple of strategies tested recently seem especially devious.

Web Fraud 209
article thumbnail

Winning Teams Part 1: Learning from Basketball and Cybersecurity

Lohrman on Security

Tech leaders keep talking about building cyber talent, so what can we learn from looking back at talented teams from the past in cybersecurity and basketball

article thumbnail

Apple Is Finally Encrypting iCloud Backups

Schneier on Security

After way too many years, Apple is finally encrypting iCloud backups : Based on a screenshot from Apple, these categories are covered when you flip on Advanced Data Protection: device backups, messages backups, iCloud Drive, Notes, Photos, Reminders, Safari bookmarks, Siri Shortcuts, Voice Memos, and Wallet Passes.

Backups 248
article thumbnail

Back to the Office: Privacy and Security Solutions to Compliance Issues for 2021 and Beyond

Speaker: Mike Cramer, Director of HIPAA & Data Security at The Word & Brown Companies

Now that companies are slowly allowing employees to return to work at the office, it's time to re-evaluate your company’s posture towards privacy and security. Join Mike Cramer, Director of HIPAA & Data Security at The Word & Brown Companies, for a discussion that will focus on compliance and the types of privacy and security measures your company should be aware of, as well as tips and methods for implementing these measures.

article thumbnail

How to deploy a self-hosted instance of the Passbolt password manager

Tech Republic Security

A password manager can keep your sensitive information in-house. Here's how to deploy Passbolt to your data center or cloud-hosted service. The post How to deploy a self-hosted instance of the Passbolt password manager appeared first on TechRepublic.

article thumbnail

GUEST ESSAY: ‘Continuous authentication’ is driving passwordless sessions into the mainstream

The Last Watchdog

Much more effective authentication is needed to help protect our digital environment – and make user sessions smoother and much more secure. Related: Why FIDO champions passwordless systems. Consider that some 80 percent of hacking-related breaches occur because of weak or reused passwords, and that over 90 percent of consumers continue to re-use their intrinsically weak passwords. Underscoring this trend, Uber was recently hacked — through its authentication system.

article thumbnail

Weekly Update 324

Troy Hunt

We're in Copenhagen! Scott and family joined us in Oslo for round 2 of wedding celebrations this week before jumping on the ferry to Copenhagen and seeing the sights here.

article thumbnail

The Equifax Breach Settlement Offer is Real, For Now

Krebs on Security

Millions of people likely just received an email or snail mail notice saying they’re eligible to claim a class action payment in connection with the 2017 megabreach at consumer credit bureau Equifax.

article thumbnail

Security Through Complexity

Javvad Malik

I saw this picture somewhere on social media of these many locks securing the bolt. However, upon closer inspection, you can see that by simply removing any one of the locks, you unlock the whole thing. I hope you’ll allow me the opportunity of dragging this out into a cybersecurity analogy.

Media 141
article thumbnail

How to Surrender to a Drone

Schneier on Security

The Ukrainian army has released an instructional video explaining how Russian soldiers should surrender to a drone: “Seeing the drone in the field of view, make eye contact with it,” the video instructs. Soldiers should then raise their arms and signal they’re ready to follow.

236
236
article thumbnail

Tips and tricks for securing data when migrating to the cloud

Tech Republic Security

Find out how you can have a safe and secure transition to the cloud. This guide describes tips and steps to take to ensure your data is secure during a migration. The post Tips and tricks for securing data when migrating to the cloud appeared first on TechRepublic.

article thumbnail

GUEST ESSAY: Here’s how and why ‘trust’ presents an existential threat to cybersecurity

The Last Watchdog

Over the years, bad actors have started getting more creative with their methods of attack – from pretending to be a family member or co-worker to offering fortunes and free cruises. Related: Deploying employees as human sensors. Recent research from our team revealed that while consumers are being exposed to these kinds of attacks (31 percent of respondents reported they received these types of messages multiple times a day), they continue to disregard cyber safety guidelines.

Passwords 140
article thumbnail

Weekly Update 327

Troy Hunt

It's my last weekly update on the road for a while! As enjoyable as travel is, I'm looking forward to getting back to a normal routine and really starting to smash out some of the goals I have for the coming year.

article thumbnail

Happy 13th Birthday, KrebsOnSecurity!

Krebs on Security

KrebsOnSecurity turns 13 years old today. That’s a crazy long time for an independent media outlet these days, but then again I’m bound to keep doing this as long as they keep letting me. Heck, I’ve been doing this so long I briefly forgot which birthday this was!